SOC Analyst L2

Responsibilities:

• Act as the primary point of contact for incident escalations from Tier 1/2 analysts.
• Act as technical contributor during major security incidents contributing to improvement in the team’s capability.
• Lead the investigation and response to security incidents, leveraging advanced technical skills and threat intelligence.
• Triage security alerts, perform in-depth analysis to determine root cause and impact, and develop effective containment and remediation strategies.
• Develop and execute incident response plans, ensuring proper communication and documentation throughout the incident lifecycle.
• Work in a ‘business hours + rostered on-call’ environment
• Utilize SIEM (Security Information and Event Management) and other security tools to identify and analyze potential threats.
• Develop and fine-tune security rules and correlation logic to improve threat detection capabilities.
• Maintain detailed documentation of security incidents, investigations, and response actions.

Requirements:

• 5-7 years of experience in a SOC or security analyst role.
• Proven track record of successfully identifying, analyzing, and responding to security incidents.
• Strong background in formulation and execution of threat hunt scenarios and the development of subsequent use cases to uplift detection capability.
• Experience working on any of the scripting languages such as Python etc.
• Relevant industry certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or CompTIA Security or Vendor certs are highly desirable.
• In-depth knowledge of Sentinel, Splunk, CrowdStrike, Securonix, LogRhythm, Rapid7 MS Defender, other Threat centric tools, IDS/IPS, email security, vulnerability scanners and other security technologies.
• Detection and mitigation strategies for a broad range of cyber threats, including malware, DDOS, hacking, phishing, lateral movement and data exfiltration.